Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win 7 Security 2012 ALERT

Started by pinkwaterfairy , Jun 18 2011 03:22 PM

  • Please log in to reply

#1
pinkwaterfairy
Posted 18 June 2011 - 03:22 PM

pinkwaterfairy

    Member

  • Member
  • PipPip
  • 24 posts
Hi, I seem to have picked up a malware virus. I keep getting windows/notifications that my computer may be infected, and inviting me to scan my computer etc. These all make reference to 'Win 7 Security 2012 ALERT'.

The one that is displayed at the moment says
"Internet connection alert!
Suspicious network activity detected!
Malware infection infection is possible!
Details
Attack from: 228.23.240.186 port:13005
Attached port: 14074
Thread: IRC-Work.DOS.Septic

Do you want to block this attack?" with a Yes and a No button displayed.
Just had another one that said that Win 7 Security 2012 had detected that it was turned off and warned me that my PC would be susceptible to attack.

I would be grateful for any help in removing this as its extremely annoying!
Thank you.

Penno
my OTL log is here:
OTL logfile created on: 18/06/2011 22:05:33 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Penno\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.97 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 20.73% Memory free
5.93 Gb Paging File | 3.22 Gb Available in Paging File | 54.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.66 Gb Total Space | 410.00 Gb Free Space | 88.05% Space Free | Partition Type: NTFS
Drive E: | 7.40 Gb Total Space | 0.01 Gb Free Space | 0.14% Space Free | Partition Type: FAT32

Computer Name: PENNOSNEW-PC | User Name: Penno | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/18 22:05:13 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Penno\Desktop\OTL.exe
PRC - [2011/06/18 21:07:52 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Users\Penno\AppData\Local\Temp\Low\hsw.exe
PRC - [2011/04/28 14:34:42 | 001,550,136 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/12 10:33:29 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe
PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2008/02/05 07:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEDE.EXE
PRC - [2007/11/21 03:11:05 | 003,289,088 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2003/10/17 01:50:26 | 017,956,864 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files\Adobe\Photoshop CS\Photoshop.exe


========== Modules (SafeList) ==========

MOD - [2011/06/18 22:05:13 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Penno\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/09/12 20:14:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/06/01 18:32:36 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\26762\RapportCerberus_26762.sys -- (RapportCerberus_26762)
DRV - [2011/04/28 14:34:50 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/04/28 14:34:48 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 99 C3 38 74 E5 51 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/25 18:28:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/31 17:45:14 | 000,000,000 | ---D | M]

[2010/09/17 20:20:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Penno\AppData\Roaming\Mozilla\Extensions
[2011/05/19 18:08:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Penno\AppData\Roaming\Mozilla\Firefox\Profiles\bbsk75y6.default\extensions
[2010/09/17 20:23:14 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Penno\AppData\Roaming\Mozilla\Firefox\Profiles\bbsk75y6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/09/17 20:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/14 22:09:10 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/09/14 22:09:10 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/09/14 22:09:10 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/09/14 22:09:10 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/18 22:05:00 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Penno\Desktop\OTL.exe
[2011/06/18 03:28:13 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{F7EA3E20-D5B4-49B0-B919-CAA48F380E3E}
[2011/06/15 22:11:20 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{7786095D-C5FC-4878-AEDE-F57E950D1D2F}
[2011/06/13 23:21:20 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{37CFE0C1-3863-4066-A5D8-4CDC69157AF0}
[2011/06/09 23:55:41 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{08C57BC6-A6CE-4918-AA7D-CE61B2110BC1}
[2011/06/08 22:16:00 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{1EA980BE-1740-42A6-8D74-107AC7FC913A}
[2011/06/02 23:34:30 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{1893EEDF-E4D6-420B-ABF6-952484438226}
[2011/05/30 21:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\XVI32
[2011/05/28 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\FeedDemon
[2011/05/28 11:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedDemon
[2011/05/28 11:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\FeedDemon
[2011/05/28 11:39:44 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{3CC0C7BC-A17F-4BC3-BCF4-99A64F3F4E21}
[2011/05/23 22:24:04 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{7CC824FC-557F-433A-AE40-AEAFFED88793}
[2011/05/23 22:23:04 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{06C156B9-08E8-4E69-B2A3-00DA7B583605}
[2011/05/21 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{D4B71270-8754-4C51-9080-CAA1916297D5}
[2011/05/21 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Penno\AppData\Local\{A547D1CC-CFC5-48EF-9A9C-DF37F0C6C26F}
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

========== Files - Modified Within 30 Days ==========

[2011/06/18 22:05:13 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Penno\Desktop\OTL.exe
[2011/06/18 21:06:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/18 12:06:37 | 000,628,024 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/18 12:06:37 | 000,110,208 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/18 03:34:49 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/18 03:34:49 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/18 03:27:32 | 2388,582,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/01 07:51:07 | 000,096,159 | ---- | M] () -- C:\Users\Penno\Documents\EtsyWorkshop_Photo101_1.pdf
[2011/05/31 17:45:15 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/05/25 09:04:51 | 000,241,901 | ---- | M] () -- C:\Users\Penno\Documents\VirginMediaSwopEmail.jpg

========== Files Created - No Company Name ==========

[2011/06/01 07:51:07 | 000,096,159 | ---- | C] () -- C:\Users\Penno\Documents\EtsyWorkshop_Photo101_1.pdf
[2011/05/25 09:04:51 | 000,241,901 | ---- | C] () -- C:\Users\Penno\Documents\VirginMediaSwopEmail.jpg
[2010/09/25 08:59:07 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/09/25 08:59:07 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/09/25 08:59:07 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/09/25 08:59:07 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/09/25 08:59:07 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/09/25 08:59:07 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/09/25 08:59:07 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/09/25 08:59:07 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/09/25 08:59:07 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/09/25 08:59:07 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010/09/25 08:59:07 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/09/25 08:59:07 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/09/25 08:59:07 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/09/25 08:59:07 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/09/25 08:59:07 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/09/25 08:59:07 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010/09/25 08:59:07 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010/09/25 08:59:07 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/09/25 08:59:07 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/09/25 08:57:00 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2010/09/15 19:30:38 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,390,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,628,024 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,110,208 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/10/22 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Penno\AppData\Roaming\Amazon
[2010/12/28 12:19:08 | 000,000,000 | ---D | M] -- C:\Users\Penno\AppData\Roaming\Hardcore
[2010/09/14 20:16:06 | 000,000,000 | ---D | M] -- C:\Users\Penno\AppData\Roaming\Trusteer
[2009/07/14 05:53:46 | 000,012,020 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
  • 0

Advertisements

#2
pinkwaterfairy
Posted 18 June 2011 - 04:21 PM

pinkwaterfairy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
sorry, think I have posted in the wrong place, will try the right place !
  • 0
Back to Windows Vista and Windows 7 · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows Vista and Windows 7

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP